topic Hello Chris, in Cloud Security

Web Security with NTD

Joshuskarki — Sat, 09 Mar 2019 01:38:18 GMT

Hello!

I am having an unusual issues with AnyConnect Web Security (4.2.x) when NTD is enabled. The trusted network detection works just fine when it sees that the connection is in trusted network and the traffic passes through as normal, but when I am in public network or untrusted network, it says the "Web Security Service Unavailable" and literally kills all traffic. When I have the .wso or .xml file without NTD enabled, again, works great but the catch is it sends all http traffic to cloud even the connection is in the trusted network.

I have tried unstalling and re-installing the client and clearing all profiles manually, but still no good.

Event log shows:

Event 256, acwebsecapi

ERR | Thread 0099CA10 | ClientComm : Error in receive. Code : -1

ERR | Thread 0099CA10 | Socket is not available

Before reaching out to TAC for the help, I wonder if anyone in this community has encountered similar issue and got it resolved. If so, it would be a great help if you could share..

Thanks!

Josh

Hi Josh,

Edan Mudachi — Tue, 19 Jan 2016 18:23:55 GMT

Hi Josh,

As this issue requires some in depth investigation, I would recommend opening a TAC case with the above information, also please make sure to attach a DART bundle from a client after reproducing the issue.

Sincerely,

Edan Mudachi

Hm.. Ok. Thanks for the reply

Joshuskarki — Tue, 19 Jan 2016 19:01:21 GMT

Hm.. Ok. Thanks for the reply. I am opening the case with TAC right now 🙂

Josh

Josh,

rhnetworkteam — Mon, 12 Dec 2016 20:46:15 GMT

Josh,

I have a question did you ever get this figured out with TAC. We just had this issue come up in our environment.

Thanks,

Chris

Hello Chris,

dmccabej — Tue, 13 Dec 2016 00:24:59 GMT

Hello Chris,

Looking back at the TAC case that Josh had opened, it seems like this may have been an issue with the Windows FW. It looks like it worked after Windows Firewall had been disabled, but I don't really see any notes regarding a root cause and/or a definitive answer. Maybe Josh can chime in if he gets the chance to review this thread.

I suppose the Windows Firewall could have been blocking one of the following : AnyConnect WebSecurity directory and/or acwebsecagent.exe/vpnui.exe and/or ports 5001,5003.

You may want to try that and see if it helps.

Thanks!

-Dennis M.

Hello Dennis,

rhnetworkteam — Tue, 13 Dec 2016 13:28:00 GMT

Hello Dennis,

Thanks for the response. Firewall settings is something that we first looked into. This problem just all of a sudden started happening over the last couple of weeks. Once I get a problem laptop in from our end users I may start a TAC Case. We don't run Windows Firewall and the Firewalls we do run don't have anything blocking this.

Thanks,

Chris

Hello Chris,

dmccabej — Tue, 13 Dec 2016 21:17:07 GMT

Hello Chris,

You're very welcome! 🙂 Sorry the fix didn't seem to relate to your environment, but at least now something can be ruled out. As you already stated I would then recommend a TAC case whenever you need further assistance.

Thanks!

-Dennis M.

Sorry, I just saw your

Joshuskarki — Fri, 16 Dec 2016 06:35:13 GMT

Sorry, I just saw your message. In my case it was the packaging (Marimba) tool which had some corrupt and incorrect files named pushed to C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Web Security\

The fix was a fresh re-install with one step newer release.

I suggest you to give a try with a complete uninstall and install with newer release and see how that goes.

Josh